An organization is deploying an application in a VPC that requires SSL mutual authentication with a client-side certificate, as that is the primary method of identifying clients. The Network Engineer has been tasked with defining the mechanism used within AWS to provide the SSL mutual authentication. Which of the following options meets the organization's requirements?
A) Use a Classic Load Balancer and upload the client certificate private keys to it. Perform SSL mutual authentication of the client-side certificate there.
B) Use a Network Load Balancer with a TCP listener on port 443, and pass the request through for the SSL mutual authentication to be handled by a backend instance.
C) Use an Application Load Balancer and upload the client certificate private keys to it by using the native server name indication (SNI) features with smart certificate selection to handle multiple calling applications.
D) Front the application with Amazon API Gateway, and use its client-side SSL mutual authentication feature that uses the backend instances to verify the source of the request.
Correct Answer:
Verified
Q239: You are architecting your e-business application for
Q240: A user is trying to send custom
Q241: When an AWS Config rule is triggered
Q242: An organization processes consumer information submitted through
Q243: A company has a hybrid IT architecture
Q245: An organization has ordered a new AWS
Q246: Your company needs to leverage Amazon Simple
Q247: You can use the _ command of
Q248: You have several Amazon Glacier vaults you
Q249: DNS name resolution must be provided for
Unlock this Answer For Free Now!
View this answer and more for free by performing one of the following actions
Scan the QR code to install the App and get 2 free unlocks
Unlock quizzes for free by uploading documents